I would imagine that this would have to either happen on Apache infra or be
a GH action administered by someone with uber rights, though, yes, this is
a good option. I don't have all the working pieces in my flows, but it
would be convenient for my packages to have a similar mechanism, so if thi
Is there an option to trust a ci machine and automate the publish with a
push of a tag after a successful vote? With this, anyone having the
possibility to push a tag can forge a release with almost no effort.
--
Sent from my phone. Typos are a kind gift to anyone who happens to find
them.
On Mon,
Correct, nuget publish. An option, once I'm trusted, is to allow me to
publish. My nuget login is done via Microsoft credentials for
dav...@gmail.com, and is secured by 2FA, so the only real risk is how dodgy
I am (:
If it's of interest to anyone, my profile is at
https://www.nuget.org/profil
I guess that would be a nuget publish.
https://docs.microsoft.com/en-us/nuget/nuget-org/publish-a-package
The credentials to that account are stored in the private repos of logging
pmc. Most members of the pmc should be in the set of recipients with their
gpg key.
--
Sent from my phone. Typos are
The nuget.org question is probably of the highest priority - that's how
most people are going to get any .net package release. If it's not on
nuget.org, it might as well not be released. Any idea who would know about
releasing there? Is there someone I can bother?
-d
On August 17, 2020 18:08
The release notes are generated from the README.html file in the dist
area. I'm not sure where they're generated from, but some sort of
changelog file to go alongside the artifacts could be helpful here.
Otherwise, we'd typically only worry about the download links on the
logging.apache.org site.
I am using a recent version in production Ubuntu servers, so it is
definitely release ready.
+1
On Mon, Aug 17, 2020, 7:27 PM Christian Grobmeier
wrote:
> Hello,
>
> I am not an expert on c++ or something, but I looked on the content, read
> this thread and think it is safe to release this. Howe
Hello,
I am not an expert on c++ or something, but I looked on the content, read this
thread and think it is safe to release this. However, my hope is that in future
more competent cxx devs than me would check it :)
I vote +1 also
Cheers,
Christian
On Mon, Aug 17, 2020, at 08:08, Ralph Goers
Guten Tag Ralph Goers,
am Montag, 17. August 2020 um 08:08 schrieben Sie:
> I noticed that the files have she and md5 files. We are not
> supposed to use either of these any more and only use sha512. I can fix that.
While the file extension is named ".sha", SHA-512 is calculated
already:
> gpg -